<%
String bidAmount = request.getParameter("bidAmount");
String auctionId = request.getParameter("auctionId");
String username = ""+session.getValue("login");
String mysJDBCDriver = (String)session.getValue("mysJDBCDriver"); 
String mysURL = (String)session.getValue("mysURL"); 
String mysUserID = (String)session.getValue("mysUserID");
String mysPassword = (String)session.getValue("mysPassword");

java.sql.Connection conn=null;
try 
{
    Class.forName(mysJDBCDriver).newInstance();
	java.util.Properties sysprops=System.getProperties();
	sysprops.put("user",mysUserID);
	sysprops.put("password",mysPassword);
     
	//connect to the database
	conn=java.sql.DriverManager.getConnection(mysURL,sysprops);
	System.out.println("Connected successfully to database using JConnect");

	java.sql.Statement stmt1=conn.createStatement();
	
	java.util.Date dt = new java.util.Date();
	java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
	String currentTime = sdf.format(dt);
	
	stmt1.executeUpdate("insert into Bid values('"+username+"','"+auctionId+"','"+ currentTime + "', '"+bidAmount+"')");
	response.sendRedirect("AuctionInfo.jsp?auctionId=" + auctionId);
} catch(Exception e)
{
	e.printStackTrace();
	out.print(e.toString());
}
finally{

	try{conn.close();}catch(Exception ee){};
}
%>